CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

480 matches found

NVD•added 2023/09/20 10:15 p.m.•12 views

CVE-2023-36234

Cross Site Scripting XSS vulnerability in Netbox 3.5.1, allows attackers to execute arbitrary code via Name field in device-roles/add function...

5.4CVSS5.5AI score0.0008EPSS

Exploits1References1

OSV•added 2023/09/20 10:15 p.m.•13 views

CVE-2023-36234

Cross Site Scripting XSS vulnerability in Netbox 3.5.1, allows attackers to execute arbitrary code via Name field in device-roles/add function...

5.4CVSS6.6AI score

Exploits0References1

Prion•added 2023/09/20 10:15 p.m.•10 views

Cross site scripting

Cross Site Scripting XSS vulnerability in Netbox 3.5.1, allows attackers to execute arbitrary code via Name field in device-roles/add function...

4.9CVSS5.6AI score0.0008EPSS

Exploits1References1Affected Software1

CNNVD•added 2023/09/20 12:0 a.m.•1 views

NetBox Cross-Site Scripting Vulnerability

NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from the NetBox community. A security vulnerability exists in NetBox version 3.5.1 that originates from allowing an attacker to execute arbitrary code via the Name field in the...

5.4CVSS7.7AI score0.0008EPSS

Exploits1References2

Positive Technologies•added 2023/09/20 12:0 a.m.•2 views

PT-2023-25491 · Netbox · Netbox

Name of the Vulnerable Software and Affected Versions: Netbox version 3.5.1 Description: The issue allows attackers to execute arbitrary code via the Name field in the device-roles/add function, which is a Cross Site Scripting XSS vulnerability. This enables attackers to inject malicious scripts...

5.4CVSS5.6AI score0.0008EPSS

Exploits1References7

CVE•added 2023/09/20 12:0 a.m.•51 views

CVE-2023-36234

NetBox 3.5.1 contains a Cross-Site Scripting (XSS) vulnerability exploitable via the Name field in device-roles/add. The root cause is not explicitly detailed in the provided documents beyond the XSS issue. Impact per the CVE metrics indicates limited impact with a Medium severity (CVSS v3.1: AV:...

5.4CVSS5.5AI score0.0008EPSS

Exploits1References1Affected Software1

Cvelist•added 2023/09/20 12:0 a.m.•12 views

CVE-2023-36234

Cross Site Scripting XSS vulnerability in Netbox 3.5.1, allows attackers to execute arbitrary code via Name field in device-roles/add function...

5.7AI score0.0008EPSS

Exploits1References1

ATTACKERKB•added 2023/08/10 8:15 p.m.•0 views

CVE-2023-37625

A stored cross-site scripting XSS vulnerability in Netbox v3.4.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Custom Link templates...

5.4CVSS6.2AI score0.01858EPSS

Exploits1References4

OSV•added 2023/08/10 8:15 p.m.•14 views

CVE-2023-37625

A stored cross-site scripting XSS vulnerability in Netbox v3.4.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Custom Link templates...

5.4CVSS5.7AI score0.01858EPSS

Exploits1References3

NVD•added 2023/08/10 8:15 p.m.•10 views

CVE-2023-37625

A stored cross-site scripting XSS vulnerability in Netbox v3.4.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Custom Link templates...

5.4CVSS5.3AI score0.01858EPSS

Exploits1References3

PyPA•added 2023/08/10 8:15 p.m.•4 views

PYSEC-2023-141

A stored cross-site scripting XSS vulnerability in Netbox v3.4.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Custom Link templates...

5.4CVSS5.7AI score0.01858EPSS

Exploits1References6Affected Software1

Prion•added 2023/08/10 8:15 p.m.•12 views

Cross site scripting

A stored cross-site scripting XSS vulnerability in Netbox v3.4.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Custom Link templates...

4.9CVSS5.2AI score0.01858EPSS

Exploits1References3Affected Software1

OSV•added 2023/08/10 8:15 p.m.•0 views

PYSEC-2023-141

A stored cross-site scripting XSS vulnerability in Netbox v3.4.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Custom Link templates...

5.4CVSS6AI score0.01858EPSS

Exploits1References3

CNNVD•added 2023/08/10 12:0 a.m.•2 views

Netbox Cross-Site Scripting Vulnerability

NetBox is a Django, PostgreSql based tool for IP Address Management IPAM and Data Center Infrastructure Management DCIM from the NetBox community. A security vulnerability exists in Netbox version v3.4.7, which originated from a vulnerability that allows attackers to execute arbitrary web script ...

5.4CVSS6.7AI score0.01858EPSS

Exploits1References3

CVE•added 2023/08/10 12:0 a.m.•136 views

CVE-2023-37625

CVE-2023-37625 describes a stored cross-site scripting (XSS) vulnerability in NetBox v3.4.7, exploitable via a crafted payload injected into the Custom Link templates. The available sources (NVD/OSV, etc.) consistently identify the affected software as NetBox 3.4.7 and the vulnerability as stored...

5.4CVSS5.2AI score0.01858EPSS

Exploits1References3Affected Software1

Cvelist•added 2023/08/10 12:0 a.m.•13 views

CVE-2023-37625

A stored cross-site scripting XSS vulnerability in Netbox v3.4.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Custom Link templates...

5.4AI score0.01858EPSS

Exploits1References3

Positive Technologies•added 2023/08/10 12:0 a.m.•2 views

PT-2023-26047 · Netbox · Netbox

Name of the Vulnerable Software and Affected Versions: Netbox version 3.4.7 Description: A stored cross-site scripting XSS issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Custom Link templates. This enables attackers to potentially manipulat...

5.4CVSS5.3AI score0.01858EPSS

Exploits1References7

ATTACKERKB•added 2023/06/14 9:15 p.m.•0 views

CVE-2023-34565

Netbox 3.5.1 is vulnerable to Cross Site Scripting XSS in the "Create Wireless LAN Groups" function...

5.4CVSS6.1AI score0.00099EPSS

Exploits1References2

OSV•added 2023/06/14 9:15 p.m.•13 views

CVE-2023-34565

Netbox 3.5.1 is vulnerable to Cross Site Scripting XSS in the "Create Wireless LAN Groups" function...

5.4CVSS6.2AI score

Exploits0References1